Analysis
-
max time kernel
129s -
max time network
130s -
platform
android_x86 -
resource
android-x86-arm-20240514-en -
resource tags
-
submitted
23-05-2024 12:04
General
-
Target
6ae13257be7b6861d68943eb2a95eace_JaffaCakes118.apk
-
Size
649KB
-
MD5
6ae13257be7b6861d68943eb2a95eace
-
SHA1
f76ed6e06e16307a3db88bc7aa05644b3927d787
-
SHA256
0fc6d8af79195e401d8bf92352a96df8455390cd8572ab057bd8f5c030a6c052
-
SHA512
f9ab18f133bbdd4702b2d723f4da517a93a511e858cea77bb777f2e6624986c792a344204d9b21f58da882a4f009545da13d98d610363f04aa1907f5c6608de8
-
SSDEEP
12288:xw6TfQpveQAQmQVAu0rA+gXP9NrhT5v2/26UBt4s:IRR/VMrA7rrhTx2+7tz
Malware Config
Signatures
-
Checks if the Android device is rooted. 1 TTPs 2 IoCs
-
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
-
Checks CPU information 2 TTPs 1 IoCs
Checks CPU information which indicate if the system is an emulator.
-
Queries information about running processes on the device 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about running processes on the device.
-
Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs
-
Checks if the internet connection is available 1 TTPs 1 IoCs
-
Reads information about phone network operator. 1 TTPs
-
Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
Processes
-
com.gameloft.android.ANMP.GloftFBHM.installhelper1⤵
- Checks if the Android device is rooted.
- Checks CPU information
- Queries information about running processes on the device
- Queries information about the current Wi-Fi connection
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Checks if the internet connection is available
- Listens for changes in the sensor environment (might be used to detect emulation)
-
getprop2⤵
-
Network
MITRE ATT&CK Mobile v15
Defense Evasion
Hide Artifacts
1User Evasion
1Virtualization/Sandbox Evasion
1System Checks
1Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4KB
MD5f2b4b0190b9f384ca885f0c8c9b14700
SHA1934ff2646757b5b6e7f20f6a0aa76c7f995d9361
SHA2560a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514
SHA512ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1
-
Filesize
512B
MD50b86485060cd96072782f7cfcb662ece
SHA1692681610f0c98ba0218a11edd65297a1b3e80b0
SHA256f2751a060c0662415136a9a64017a1f5ec6cb2db0f88fac48e2cc958b16a7ada
SHA512226b23421e71091146007ecdf9c9a5dc63657e80f557974c86a4e6712b454c619477cff097261329af1b2399863ed0300546583aeef0cf3c7cf71d184eb2fd31
-
Filesize
56KB
MD52a70a1d0b59f5555f86c3c9eb907a985
SHA1323962e510156f6c9e2fd503d79fd70d1c9d0d87
SHA256913a78b8b1f06705def10bd979f56f1b51f1dd5dae45f83a7f10578918a43c3e
SHA512cb5df1a9c98b8c6cae4411d4a936dc9c17e7f8d6e2025b5c87143dcf3cdae772e0ca8b5c3ed80c73e2683323d464a8566630f311c53ba663f1c8dbae3bd48845
-
Filesize
512B
MD526cf1fda4ad99dba570a900143fb4064
SHA1bc1cff663cb0c585aeb79ce0d4d6caadc85e42a6
SHA2560e2e79847026fa63f2b264108aaff8708a502244480f266fd77b60f6cf01d61a
SHA5125fa80559b5adc9fe174970238a2bd515f8ce567542a3e935abb973816c6cd276944517b9c41cc8c5d19babefb24bbc86b24a0a2926483e9671a7f32c72998d3b
-
Filesize
64KB
MD54bac363862042c632c892ad053caba93
SHA19e6f98da4c1670726e12199eb01d8047a87f14a9
SHA25624b19bdf1b80e4a64edad1ecba7c48a1ae639f589beb08cdd7e456a06743817e
SHA512e9a7724fad8468c0cb03b392df58fe4575d969a823563b29c34bf52a026903adc9adf5e3c1183f01e1de0d089cdc0fbe5f01012eaa50c233d95672c584726d11
-
Filesize
901B
MD5cc516cc7d81bcc19430d55aab63c70a1
SHA11750a7ac08862eb4d6183169d1fed1d1d73d0858
SHA256de7b90ac8fed832048bf7bfb92b6d2716bd18b6ac01b7bcdf64147ef49921d10
SHA51285d67a98b4f641420b05623bf399b768572f7769d32502958e2e476348961f6771c19fa92b059c5e388afa166f4443cec349c950527e619df7220981c7f05b8e
-
Filesize
20KB
MD5d5a5fd5227413faaf838cc6bcc9f54b7
SHA18c508b958fbdf4b3da4667e0e47ab148dcf313b5
SHA2565f9f298d326b0efee5b85ee03227b32564f6ba4b5073a5fc619615b94dcb9577
SHA512152db0a8b7ff3df2b19c48ee1e4d9e8ad9fb18ac428eb2846aac1243cb66e1ec9e725c2a7fdf8486b1062f7b70538adc541f8753e6e896171c73bee84f8a7d42
-
Filesize
24KB
MD5571b7f65ac6f111029cf058d9c2b9dfd
SHA12c756671d8e7259461f0b7eb15e4d0b7c9be6ce8
SHA2566877ce73db4e77863251875e8e17edfd78d09bbfe5c081d5276624efc9bb3cc6
SHA512e4fcec1aefd7a73838d1d148f2e72536a355db634b3eafb576e5718d41174486cde9fbd3edb62c4b46ec7ab841a9b2c1863849731c73dc721408e9ab06c5bb9c
-
Filesize
32KB
MD50fcb31920c258bcb52a89d3acddf2d4a
SHA1dd764d611e087ef4e43f0a5cd3f3be85e062eb17
SHA256b455bb6d9ca4b802054f6f1e72d66184b37897ba60a1e5b5de456454ddd07828
SHA512009f5d30aedf58e5c88835cee9a6b87a073660627beda8a09070eeb9139be05f78d11677ce31152f57a988ff132a469d9231140fea3f4c7cb078d39fa55509a3
-
Filesize
28KB
MD560cb018d310583aae86db0d74e09273a
SHA1aa5ada74ac73311832f1ed58e11d7e9456124cc0
SHA256645038fc7679b9d34a42cae56c4ee4a4ba56f41bbdae97db87f440412ee7b083
SHA512336858790e53b03f318e2a4f7d5802c577fe97ba3fbe32ece0b1befdb9108dd49d1fb2c91b54021cd98e260a293ec427fc5186e7fa9ec1507e0a192cc7000224
-
Filesize
28KB
MD50e9158ab0659857d34e8ef84f5ab0629
SHA17b9702962365b4dfecbc61c183b377156eab6eff
SHA256ecf8fd4d5183125d19b196a4a7af938f04adbcfb8498ba1068ae05a1c40fc37f
SHA5125be16cfe38e5a35cba871e3996952704a918af6a3eb34f249cad1cca28415207362d3d92c413982330863601a3d363fe2c2aab3011bc3a95590848e669c22e60
-
Filesize
40KB
MD5bb0f807c433dd2d47b09220571f9d8f1
SHA119ddd8e003e7e5bac2471cb97e4062b71110a4f5
SHA256d783bc868932246dfc94a8193a6bc0c8b130062a44eb155ec49b9bef0639b5a2
SHA5124ca60b536b65019dfa457b84c6feac0ecd93193e01736264208b4158c0317e389e0482d6cdea4c4739faab1748bee1bd01750acb50e56a1202f1ab6ecf21cb07
-
Filesize
512B
MD5786de9d1b16eb2d2a27b2f0880659235
SHA18e2e0ec6c8ef009964b81cfeffc4ac1cd99a1fed
SHA256a27896b14f8151aa3ce8ea8372652ff011850a6baef0216c24187284171e0721
SHA512b43f79c64b2022a6b4da173e38417b3377290f91a3484a259ea52e7e49d864605643aadec1491ac737e63cfeef72631d4bd1f9b3f8b8933021a5261169a383e7
-
Filesize
32KB
MD5bb7df04e1b0a2570657527a7e108ae23
SHA15188431849b4613152fd7bdba6a3ff0a4fd6424b
SHA256c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479
SHA512768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012
-
Filesize
8KB
MD508a87611b66ed8fb91f6ec4bd595a2fa
SHA10a93c504b4197454b6fb862f56e0adbcae6f1a73
SHA256a4c145d5b9c8b5b9fb0699ae3a52c985aeffba76aaedcd4e9c4bc36b21858d98
SHA512a95a460f25653c5926acd138f57d58a9786d4fcb03678da5655892a5d7f1f6fdf1744224f2edf7da53188c4484012f112405f44ccbacd246668b23b669c59b2f
-
Filesize
8KB
MD5ad0ba3b848f1035fc5be84081ff78912
SHA15e0edd13dd7930301fdc975c7eb74450839597d9
SHA2566a6bd2f1fb08bb1544b4d09ce88faa42769d151325a8aaac652b66ae566016fd
SHA512db7479a74b378408471dc99ae4aab94a252b21a92af674b19c1bd36cbe4e47eeac6ed89dd9e92ed100ecde7be928e5be851bb3d55bd4f2b7deb893e656f1fdb6
-
Filesize
8KB
MD5be063ab0b26cc3830737385538b2e43f
SHA1633f54d5f91752eb0734f0ae585acadb8d7086a2
SHA256a32cda0e875e1fe6633b5685a09aae4de0e59249c9e281864d660d17fe4d8603
SHA512985c422107b61034d64658b09106b785344d04f1dec2b3c846701a6662fe9888bce9485c25ecc682f6cd0b8e9bf3fce4ac2967e3913b63673447e37ceea9c7d3
-
Filesize
8KB
MD52a4a03dbe040aa01d3c5530224f1408d
SHA1b09ced9c9e2d30e0c958d16b3ba8e6de7ca900f8
SHA2562b22f2a9784360e12ce96b29f481e66659d07d629f7d50691ae6ba1ef0883448
SHA512b4ae8c5bbdd546d7e68f61adf3083f76df06d5336895a2dea2a69da2e3c5518b76fbe77bdf2622b50dad91207f43c7249c572eb7f0fe6e182425b69d3337bb21
-
Filesize
24KB
MD50d60092b08695e6c080c9a3efe282fb0
SHA1c9456c3b64299e19fe0eb4f592faa7b4790f58b3
SHA25627caa1e2451aa91b5d645178d9fcdd23978c0dc2a70829983df2f93254276340
SHA512095df243b1945f9ffca24d115cfa6c49694f88630be4041498342d3f1ec32c10766b58405933c3a9779d26848d4bb2dbb16112b4d26ac3198a07b8a39878c5e0
-
Filesize
72KB
MD58c4da9d4b46bee7c37c0a372665c4227
SHA1b9465375e1c7808d776a22022f247fae5dd1aa18
SHA256d18cc1477896fc7d14cf3c79a6abbc3a4b281c4ab310da147c7e32eed3996fce
SHA512e0c3b4e8f43d4d08da89c02a0024fb9ed4c0e99c569211bf1ca8e22c6097e6acda206dd26f3f7def41f1a538b9ae3637c5316ac81a8ea1578750e67945188c28
-
Filesize
310B
MD5f96664358618d231e03e15de6bff31c3
SHA1af7cbaeeb2763bcc6812763280d4e140c0072d42
SHA2569ff94b35f9b11e5f70e330fe106c7fb01de1960316eeba607ff9da527e1d1153
SHA512d5aa01d2e16237ca3a8199aefc60b3a3164acb938b3e42c4557ce625890bc0852c9998271ca4d1e57ba8378b4e21aaeb56c980b5ed035bde7eb9ce5bf41a4e9b
-
Filesize
158B
MD57359e3ced7247fdecfd10cbbacdc9879
SHA1a21728dd6d1d1a2ae6d92c259add3e29edf21c68
SHA2566dc962f945ac13a7def1238d93fa89dbc2cc794fcb5aa6705b21e94cf4596901
SHA5126c74735d811ad171ffb3992acd3fe5df2e17255c55b2ff1175ec04f5595cfd2771d508e48341888f430c1fc9b92fadda10cf2945e14bc29e35f25e1996c4a10c